VulnHub - GameOver vm - challenge 004
I moved to the next challenge, which was the XSS challenge, but more complex than the old one.
This took me a while, as I had to find the right way to bypass a XSS filter, only to find out the 'XSS' was what was being filtered.
https://www.exploit-db.com/papers/15446/
- I checked the ASCII table to built my XSS, so from:
<script>alert("XSS!");</script>
,it became:
<script>alert(String.fromCharCode(88,83,83,33))</script>
And received:
0 comments:
Post a Comment